Hackers temporarily upset balance of Twitter universe

NEW YORK — A new way to cause mischief quickly spread through short-messaging service Twitter on Tuesday morning before the site could fix the problem, as mysterious "tweets" of blocked-out text propagated themselves and caused popup windows to open.

Shortly before 10 a.m., Twitter said on its "safety" feed on the site that the attack had been shut down. It also said it does not believe that any user information was compromised, rather, the "vast majority" of the breaches were pranks or promotions.

The hack had been extra nefarious because the tweets activated without being clicked on — it was enough for Web surfers to move their mouse cursors over them. The popups could, though didn't necessarily, contain malicious code that could take over poorly protected computers. The White House's official Twitter feed — followed by 1.8 million users — was among those affected, though the offending message was quickly taken down.

Twitter said the problem was caused by something called "cross-site scripting," which allowed users to run JavaScript programs on others' computers, turning tweets different colors or causing the popup boxes to appear. Some users, Twitter added, took things a step further and included code that got people's accounts to retweet the messages without their knowledge.

"It was like a massive snowball fight that got out of control," said Ray Dickenson, chief technology officer at computer security firm SafeCentral.